The DisableHTTPS value is a read/write Boolean that indicates whether to disable secure HTTP. If set to one (1), security is disabled and the Page.SURL method uses HTTP, functioning the same as the Page.URL method. If set to zero (0), the Page.SURL method uses HTTPS (secure).
DisableHTTPS is set to its default value of one (1) when the site configuration is created by the Site Foundation Wizard. Security is disabled in the sample sites and in sites that you create with the Site Foundation Wizard. This is done so that you can create and test these sites without causing an error even on a server where a server certificate is not installed.
Also, because HTTP is more efficient than HTTPS, during application development it may be convenient to have the Site.DisableHTTPS property set to one (1).
This value should be set it to zero (0) before putting a site into production if the Page.SURL is used.
Usually you set this property by using one of the Commerce Server administrative tools. For example, using the Commerce Host Administration snap-in for Microsoft® Management Console (MMC), select the Web site, and then click Properties. On the properties page, click the Security tab, and then select the Enable HTTPS check box. (This is the same as setting the DisableHTTPS property to zero (0).)
The following example, when invoked from ASP, enables security:
MSCSSite.DisableHTTPS = 0